• Journal of Internet of Things and Convergence
• /
• v.10 no.2
• /
• pp.77-84
• /
• 2024

Over the past few years, IoT edges have begun to emerge based on new low-latency communication protocols such as 5G. However, IoT edges, despite their enormous advantages, pose new complementary threats, requiring new security solutions to address them. In this paper, we propose a cloud environment-based IoT edge architecture model that complements IoT systems. The proposed model acts on machine learning to prevent security threats in advance with network traffic data extracted from IoT edge devices. In addition, the proposed model ensures load and security in the access network (edge) by allocating some of the security data at the local node. The proposed model further reduces the load on the access network (edge) and secures the vulnerable part by allocating some functions of data processing and management to the local node among IoT edge environments. The proposed model virtualizes various IoT functions as a name service, and deploys hardware functions and sufficient computational resources to local nodes as needed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.17-30
• /
• 2001

In this paper, we implemented a scalar multiplier needed at an elliptic curve cryptosystem over standard basis in $GF(2^{163})$. The scalar multiplier consists of a radix-16 finite field serial multiplier and a finite field inverter with some control logics. The main contribution is to develop a new fast finite field inverter, which made it possible to avoid time consuming iterations of finite field multiplication. We used an algorithmic transformation technique to obtain a data-independent computational structure of the Extended Euclid GCD algorithm. The finite field multiplier and inverter shown in this paper have regular structure so that they can be easily extended to larger word size. Moreover they can achieve 100% throughput using the pipelining. Our new scalar multiplier is synthesized using Hyundai Electronics 0.6$\mu\textrm{m}$ CMOS library, and maximum operating frequency is estimated about 140MHz. The resulting data processing performance is 64Kbps, that is it takes 2.53ms to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption & decryption and key exchange in real time embedded-processor environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.465-475
• /
• 2022

Due to the impact of COVID-19, people are paying attention to convenience and health, and the use of IoT devices to help them is increasing. In order to embed a lightweight security element in IoT devices that need to handle sensitive information even with limited resources, the development of a lightweight S-box is essential. Until 2021, it was common to develop a lightweight 4-bit S-box by a heuristic method, and to develop an extended structure or repeat the same operation for a larger size lightweight S-box. However, in January 2022, a paper that proposed a heuristic algorithm to find an 8-bit S-box with better differential uniformity and linearity than the S-box generated with an MISTY extended structure, although non-bijective, was published [1]. The heuristic algorithm proposed in this paper generates an S-box by adding AND operations one by one. Whenever an AND operation is added, they use a method that pre-removes the S-box for which the calculated differential uniformity does not reach the desired criterion. In this paper, we improve the performance of this heuristic algorithm. By increasing the amount of pre-removal using not only differential uniformity but also other differential property, and adding a process of calculating linearity for pre-removing, it is possible to satisfy not only differential security but also linear security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.263-279
• /
• 2024

With the increasing trend of Cloud migration, security threats in the Cloud computing environment have also experienced a significant increase. Consequently, the importance of efficient incident investigation through log data analysis is being emphasized. In Cloud environments, the diversity of services and ease of resource creation generate a large volume of log data. Difficulties remain in determining which events to investigate when an incident occurs, and examining all the extensive log data requires considerable time and effort. Therefore, a systematic approach for efficient data investigation is necessary. CloudTrail, the Amazon Web Services(AWS) logging service, collects logs of all API call events occurring in an account. However, CloudTrail lacks insights into which logs to analyze in the event of an incident. This paper proposes an automated analysis framework that integrates Cloud Matrix and event information for efficient incident investigation. The framework enables simultaneous examination of user behavior log events, event frequency, and attack information. We believe the proposed framework contributes to Cloud incident investigations by efficiently identifying critical events based on the ATT&CK Framework.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.3
• /
• pp.1-7
• /
• 2018

The IoT environment provides an infinite variety of services using many different devices and networks. The development of the IoT environment is directly proportional to the level of security that can be provided. In some ways, lightweight cryptography is suitable for IoT environments, because it provides security, higher throughput, low power consumption and compactness. However, it has the limitation that it must form a new cryptosystem and be used within a limited resource range. Therefore, it is not the best solution for the IoT environment that requires diversification. Therefore, in order to overcome these disadvantages, this paper proposes a method suitable for the IoT environment, while using the existing block cipher algorithm, viz. the lightweight cipher algorithm, and keeping the existing system (viz. the sensing part and the server) almost unchanged. The proposed BCL architecture can perform encryption for various sensor devices in existing wire/wireless USNs (using) lightweight encryption. The proposed BCL architecture includes a pre/post-processing part in the existing block cipher algorithm, which allows various scattered devices to operate in a daisy chain network environment. This characteristic is optimal for the information security of distributed sensor systems and does not affect the neighboring network environment, even if hacking and cracking occur. Therefore, the BCL architecture proposed in the IoT environment can provide an optimal solution for the diversified IoT environment, because the existing block cryptographic algorithm, viz. the lightweight cryptographic algorithm, can be used.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.48 no.5
• /
• pp.66-73
• /
• 2011

I try to solve the problem of the usage of the general software interrupt with the nested call of the software interrupt and the effective passing way of the parameters. The software interrupt should be protected against the indiscriminate access because it is used to call the system functions or to use the system resources by generating a software interrupt. But, it is difficult to effectively handle the SWI instruction because of its limited usage. I designed and implemented nested call of the software interrupt and the effective way that handle the parameters in the software interrupt service routine to solve this problem in this paper. In other words, from the single SWI call to the nested SWI call, I improved the software interrupt use all the more flexibly, and I compared and analyzed the strong and weak points of the two passing ways of the parameters. The main differences between these two ways are speed and readability. The stack pointer getting way incurred a lot of overhead although it has a very great readability. But, the stack pointer passing way producted 19% of the effectivity in speed by reduce overhead.

• Journal of Broadcast Engineering
• /
• v.8 no.4
• /
• pp.410-426
• /
• 2003

MPEG-21 defines a digital item as an atomic unit lot creation, delivery and consumption in order to provide an integrated multimedia framework in networked environments. It is expected that MPEG-21 standardization makes it Possible for users to universally access user's preferred contents in their own way they want. In order to achieve this goal, MPEG-21 has standardized the specifications for the Digital Item Declaration (DID). Digital Identification (DII), Rights Expression Language (REL), Right Data Dictionary (RDD) and Digital Item Adaptation (DIA), and is standardizing the specifications for the Digital Item Processing (DIP), Persistent Association Technology (PAT) and Intellectual Property Management and Protection (IPMP) tot transparent and secured usage of multimedia. In this paper, we design an MPEG-21 terminal architecture based one the MPEG-21 standard with DID, DIA and DIP, and implement with the MPEG-21 terminal. We make a video summarization service scenario in order to validate ow proposed MPEG-21 terminal for the feasibility to of DID, DIA and DIP. Then we present a series of experimental results that digital items are processed as a specific form after adaptation fit for the characteristics of MPEG-21 terminal and are consumed with interoperability based on a PC and a PDA platform. It is believed that this paper has n important significance in the sense that we, for the first time, implement an MPEG-21 terminal which allows for a video summarization service application in an interoperable way for digital item adaptation and processing nth experimental results.